Monday, May 22, 2017

FortiGate SSLVPN and multiple realms

In this blog we will show how to use a FortiGate with multiple realms. The realm name becomes the target URL path.


In this design, we have crafted 2 realms, one for our Spanish speakers and one for our French speakers. This allows you to craft unique pages and even have unique authentication requirements such as users/groups/LDAP auth servers.

1st, here's a topo-map:

2nd, you need to craft the respective realms and web portals. In my case the web portals are web-mode only, but these could be tunnel-mode or a combination.

In our vpn ssl settings we will define the auth-roles:

And now if you log in at your site with the correct realm, you will be authenticated by that auth-role and presented with just that web portal.

And for our French speakers:


TIP: make sure you have the SSLVPN firewall policies with the correct group(s).

Yep, it's that easy!
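The steps above as a FortiOS CLI sketch, added here as an example and not taken from the original post's screenshots. The realm, portal, group, interface and address names are all assumptions; the user groups and the address object are assumed to exist already.

```fortios
# Added example. Every quoted name below is hypothetical.
# Realms: the realm name is the URL path (/spanish, /french).
config vpn ssl web realm
    edit "spanish"
    next
    edit "french"
    next
end
# One web-mode portal per realm.
config vpn ssl web portal
    edit "portal-spanish"
        set web-mode enable
    next
    edit "portal-french"
        set web-mode enable
    next
end
# The "auth-roles": each rule ties a group to a portal and a realm.
config vpn ssl settings
    config authentication-rule
        edit 1
            set groups "grp-spanish"
            set portal "portal-spanish"
            set realm "spanish"
        next
        edit 2
            set groups "grp-french"
            set portal "portal-french"
            set realm "french"
        next
    end
end
# The TIP: the SSLVPN firewall policy must list the same groups.
config firewall policy
    edit 0
        set srcintf "ssl.root"
        set dstintf "internal"
        set srcaddr "all"
        set dstaddr "lan-web-servers"
        set groups "grp-spanish" "grp-french"
        set action accept
        set schedule "always"
        set service "HTTPS"
    next
end
```

Users who match neither rule fall through to the portal set by `default-portal` in `config vpn ssl settings`, so point that at a portal with minimal access.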

Ken Felix
NSE (Network Security Expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com